×
Namespaces

Variants
Actions

Archived:How to sign a .Sis file with Self-Sign Certificate

From Nokia Developer Wiki
Jump to: navigation, search

Archived.pngArchived: This article is archived because it is not considered relevant for third-party developers creating commercial solutions today. If you think this article is still relevant, let us know by adding the template {{ReviewForRemovalFromArchive|user=~~~~|write your reason here}}.

Article Metadata
CompatibilityArticle
Created: kiran10182 (04 May 2007)
Updated: savaj (18 Oct 2011)
Reviewed: hamishwillee (18 Oct 2011)
Last edited: hamishwillee (28 Jun 2012)

This article explains how to self sign your application using the IDE or command line. From S60 3rd Edition (Symbian OS v9) Nokia devices will only install signed applications. This article is specific to S60 3rd Edition application development or newer.

Contents

Overview

A self-signed application is one that is signed with a user-created certificate. Self signed applications are not trusted - they can only be used for applications with basic capabilities, and the user must acknowledge a warning before they can be installed. The benefit of self signing is that it is free, and can be used on any device.

Applications can also be locally signed using a Developer Certificate obtained from Symbian Signed. The certificate locks signed applications to install on specific devices, but in return grants more capabilities than self-signing. There are still installation warnings.

Both self signed and DevCert signing can be done locally through your IDE or the command line, as discussed in the following sections.

Note.pngNote: 

  • Basic capabilities include LocalServices capability can also be granted to self-signed applications.
  • An application that does not require any capabilities can also be self-signed.
  • You cannot self-sign applications with a UID3/SID in the protected range. During development choose a random UID from the 0xE******* range. For application release use a UID in the 0xA******* range that you obtain from Symbian Signed.

Qt Creator IDE

Qt Creator self-signs applications by default. As shown in the screenshot below you can also specify a "Custom certificate" and browse to your Developer Certificate and it's private key.

  1. Open your project in Qt Creator
  • Projects >> Targets >> Symbian Device >> Run >> Run Settings >> Create SIS Package
  • Select "Self signed certificate" or "Custom certificate" (and browse to the certificate and key file)

SigningInQtCreator.png

Tip.pngTip: Using the "Custom certificate" section can also self-sign an application using your own certificate rather than the default certificate provided with Qt Creator. However in this case you will need to create the certificate/key pair using the command line

Carbide.c++

Carbide.c++ IDE offers inbuilt feature to create and sign the .sis file with Self-signed certificate or Developer Certificate. See the images below:

  1. Open your project in Carbide.c++
    Project >> Properties >> Carbide.c++ >> Build Configurations >> SIS Builder
    Step1.png
  2. Project >> Properties >> Carbide.c++ >> Build Configurations >> SIS Builder >> Add
    Step2.png

Command Line

Following is the example which illustrates the Self-Signing procedure using the command line.

Step-1 Creating Certificate and Keys

From your Desktop Screen: Start-> Run -> Cmd then go in your Sis file path using cd DOS command.

C:\HelloWorld\sis> makekeys -cert -password World123 -len 1024 -dname "CN=World User OU=Development OR=WorldCompany CO=FI EM=World@test.com" WorldKey.key WorldCert.cer

This creates WorldKey.key and WorldCert.cer key and certificate files files which you will need to sign your HelloWorld.sis file in the following statement.

Important: Versions of MakeKeys prior to Symbian 9.2 always generate certificates with a validity period of 1 year. This may be too short for released code, as it restricts the lifetime of the signed SIS files. You can create a certificate using OpenSSL to choose a different validity period, or use the update to MakeKeys in latests SDKs to specify an alternative validity period.

Step-2 Signing Application

C:\HelloWorld\sis>signsis HelloWorld.sis HelloWorld.sis WorldCert.cer WorldKey.key YourPassword

Finally you will get your Self-Signed certified HelloWorld.Sis file. Install it on the device. Have fun !!!

Tip.pngTip: Instead of using makesis to create the .sis and then signsis to sign it, you can use createsis to perform both operations at once:

createsis create -cert WorldCert.cer -key WorldKey.key -pass YourPassWord HelloWorld.pkg

Related articles

This page was last modified on 28 June 2012, at 09:22.
865 page views in the last 30 days.
×